package com.xm.servlet.background.admin;

import lombok.SneakyThrows;


import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;


/**
 * Admin的Servlet 后台登陆页面
 *
 * @author 康文程
 * @date 2023-12-14 上午 09:48
 */
@WebServlet("/background/admin")
public class AdministratorServlet extends HttpServlet {
    /**
     * 登陆
     * @param req  an {@link HttpServletRequest} object that
     *             contains the request the client has made
     *             of the servlet
     * @param resp an {@link HttpServletResponse} object that
     *             contains the response the servlet sends
     *             to the client
     */
    @SneakyThrows(Exception.class)
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
        HttpSession session = req.getSession(false);
        // 获取会话中存储的CSRF令牌
        String sessionToken = (String) session.getAttribute("csrfToken");
        //查看是否有令牌
        System.out.println(sessionToken);

        // 验证CSRF令牌
        if (sessionToken != null) {
            req.setAttribute("status",true);
        } else {
            // 令牌失效
            req.setAttribute("status",false);
            System.out.println("CSRF令牌验证失败");
        }
        req.getRequestDispatcher("/WEB-INF/page/background/login.jsp").forward(req, resp);
    }
}
